b2kris asked:

Cisco ASA to CentOS 5 IPsec tunnel IP forwarding / sharing

I have a Windows server that I want to run a bunch of custom services on and share with several IPs via different Linux boxes from an outside vendor.

I'm trying to get the first setup complete so I can test, so I only need 1 case, but this solution will have to work with multiple outside Linux servers and the same inside Windows server.

So my Windows server has several IPs; I'm going to use 2 for this example.

Windows Server - and
There is an ASA 5505 with an inside IP of and the outside IP of 50.x.x.1

Then I have a Cent 5 box with a single private IP of on eth0 and public IPs of 69.x.x.1 and 69.x.x.2 on eth1

iptables is installed but stopped. Openswan is installed and I have a tunnel up between the ASA and the Cent box.

ipsec service status shows 1 tunnels up

That's as far as I got.

What I would like to do is make it so when a user comes to 69.x.x.1 it is forwarded to and 69.x.x.2 and it goes to
and vice versa when a connection is established on I want it to route out through 69.x.x.1 and to route out through 69.x.x.2

I don't want the outside world to know about the 50.x.x.1 network.

The question is: how can I configure this so that it is possible, keeping in mind that someday I'll want this to work and then go get another outside Linux box and have a new IP of 70.x.x.1 go to etc. etc.

b2kris:

I forgot to mention that for each 1-to-1 mapping there will only be 1 port used. For example:

69.x.x.1 going to would be only tcp 80
69.x.x.2 going to would be only tcp 443